The German BSI (Federal Office for Information Security) is a main source for IT security recommendations in Europe. Based on its Technical Guideline TR-02102-4_ Cryptographic Mechanisms: Recommendations and Key Lengths – Use of S..., i have tried to harden SSH on my R81.20 Gateway using the suggested cryptographic protocols that should be safe until 2029+. This has resulted in the following configuration:
GW8120> show ssh server cipher enabled
--------------------------------
enabled cipher:
--------------------------------
aes128-gcm@openssh.com
aes256-gcm@openssh.com
--------------------------------
GW8120> show ssh server kex enabled
--------------------------------
enabled kex:
--------------------------------
diffie-hellman-group16-sha512
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
--------------------------------
GW8120> show ssh server mac enabled
--------------------------------
enabled mac:
--------------------------------
hmac-sha2-256
hmac-sha2-256-etm@openssh.com
hmac-sha2-512
hmac-sha2-512-etm@openssh.com
--------------------------------
I would like to receive comments, additions and critical statements concerning SSH cryptographic protocols in CP products!
Additional note: Suggested secure ciphers also include aes128-ctr, aes192-ctr and aes256-ctr, but the recommendation is AEAD_AES_128_GCM and AEAD_AES_256_GCM.
CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist